What are Denial-of-service (DOS) attacks?

In a Denial of service attack, a hacker tries to flood the targeted machine with requests until all the resources are used up and the service becomes unavailable. A single computer is used to launch the attack.

Types of DoS attacks

The attacks can be generally divided into two types:

1. Buffer overflow attacks. In this attack, the hacker tries to manipulate the system in such a way that memory buffer overflow occurs. The machine then consumes all the available CPU resources, which will result in a system crash.

2. Flood attacks. The hacker tries to overwhelm the targeted computer by sending data packets to the machine. All the system resources are used up and, therefore, when an actual request comes to connect to the service, the machine is unavailable and the services can’t be accessed. These include sending ICMP packets, SYN packets, or other data packets.

Over the years, there have been considerable DoS attacks:

• Ping-of-death: A malicious data packet is sent to the machine and results in the machine crashing. This attack makes the services unavailable until the machine can be restored.
• Ping-flood: Multiple ICMP packets are sent to the machine. When the number of pings sent is higher than what the actual system can handle, it will begin rejecting legitimate data packets.
• SYN-flood: It exploits the TCP handshake and sends a large number of SYN packets from spoofed IP addresses to initiate the connection. The server keeps waiting until timeout. A time comes when the server has no more resources to attend to new requests, and so, it crashes.

Prevention

1. Use anti-DDoS Softwares to help distinguish between legitimate traffic and bogus traffic.

2. Dispersing traffic amongst servers can help make the attack ineffective. Higher capacity would require the hacker to have greater resources; therefore, the chances of a DoS attack are reduced.

3. Configuring firewalls and routers can filter out unwanted traffic.

4. In case of excessive traffic, make use of black hole routing, which redirects traffic to a null route to prevent the targeted machine from being overwhelmed and the services crashing.

DoS attacks require huge resources. Therefore, the hackers make use of DDoS attacks, which enables​ them to carry out attacks with someone else’s resources.